CRSI understands that the average NERC Registered Entity has many Cyber Assets that require the identification of baseline configurations. While NERC allows for these baselines to be created
for groups of assets as well as individual assets, the investment of resources for the creation of baseline configurations for just Cyber Asset groups represents hours of training personnel, researching, testing, and configuring Cyber Assets. At a minimum each baseline must contain the following items:
- Operating system or firmware with its version information
- Any commercially available or open-source application software that is intentionally installed including its version information
- Any custom software installed
- Any logical network accessible ports
- Any security patches applied.
At the same time, any networking ports that are open should include a business justification within each Cyber Asset’s respective baseline.Read More
For high impact BES Cyber Systems, entities are required to monitor for changes to the baseline configurations at least once every 35 calendar days. Without a properly set up configuration monitoring tool, the workload is practically unmanageable and will likely result in errors in other areas of work. Because of this, many entities have turned to tools to monitor for changes in the running configurations and issue alerts for any discovered changes.
While these entities have turned to the software vendors for assistance in configuration, they are subject to the vendor’s personnel availability and training. Even though the vendor’s personnel are highly knowledgeable of their own tool, these personnel may not have adequate NERC CIP implementation training.
CRSI’s personnel are experienced in the development and creation of baseline configurations, whether that be in a database or a configuration monitoring tool. This allows CRSI to efficiently determine the proper grouping of assets (if possible) and the full establishment of the baseline configurations and to ensure the completeness, adequacy, and accuracy of the baselines. CRSI trains its teams to configure tools that aid in monitoring of the baseline configurations and running configurations.
CRSI strategically partnered with more than 250 electric utilities in the last five (5) years for their NERC CIP Compliance Solutions. To find out more about how to create your Security Compliance Roadmap, call us today to schedule a free, no obligation consultation.